Enforced Client Product Guide

Introduction

 

How does the software work?

The detection definition (DAT) files on the Internet site are regularly updated to add protection against new threats. When the client software connects to the update site on the Internet, it retrieves:

• Regular DAT files, which contain the latest definitions for viruses, potentially unwanted programs, and cookies and registry keys that might indicate spyware.

• Outbreak DAT files, which are high-priority detection definition files released in an emergency situation (see Outbreak response).

• Upgrades to the software if a newer version exists.

• Policy updates.

At any time, users can update manually by double-clicking in the system tray.

Update support for some operating systems is ending. After support ends, client computers running those operating systems will no longer be protected against new threats. See Operating system support ending on page 28 for more information.


Uploading security information

Client computers upload detection and status data hourly to the SecurityCenter website. This information is available to administrators in reports they can view on the SecurityCenter (see Viewing reports on page 78).

Outbreak response

When an outbreak of a new threat is identified by Avert Labs, they issue an outbreak DAT, which is a special detection definition (DAT) file marked as Medium or High importance. It is specially encoded to inform the first computer receiving it to share the update immediately with other client computers on the network. By default, client computers check for an outbreak DAT every hour.

Rumor technology

When one computer shares updates with other computers on the local area network (LAN), rather than requiring each computer to retrieve updates from the update website individually, the Internet traffic load on the network is reduced. This process of sharing updates is called Rumor.

1. Each client computer checks the version of the most recent catalog file on the Internet site. This catalog file contains information for every component in Enforced Client, and is stored in a digitally signed, compressed .CAB file format.

   • If the version is the same as the catalog file on the client computer, the process stops here.

   • If the version is different from the catalog file on the client computer, the client computer attempts to retrieve the latest catalog file from its peers. It queries if other computers on the LAN have already downloaded the new catalog file.

2. The client computer retrieves the required catalog file (directly from the Internet site or from one of its peers) and uses it to determine if new components are available for Enforced Client.

3. If new components are available, the client computer attempts to retrieve them from its peers. It queries if computers on the LAN have already downloaded the new components.
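The sketch below models steps 1 and 2 of the Rumor process and shows why the catalog's digital signature matters when a copy comes from a LAN peer instead of the update site. It is an added example, not Enforced Client code: the function names, peer names and catalog contents are constructed, it assumes the client verifies every copy before use, and HMAC-SHA256 with a demo key stands in for the signature check on the .CAB file.

```python
import hashlib
import hmac

# Stand-in for the vendor signature: HMAC-SHA256 with a constructed key.
# A real digitally signed .CAB would be checked against the vendor's public key.
VENDOR_KEY = b"constructed-demo-key"

def sign(version, body):
    return hmac.new(VENDOR_KEY, f"{version}:".encode() + body, hashlib.sha256).digest()

def make_catalog(version, body):
    return {"version": version, "body": body, "sig": sign(version, body)}

def verified(catalog):
    """True only if the signature matches the catalog's version and body."""
    expected = sign(catalog["version"], catalog["body"])
    return hmac.compare_digest(expected, catalog["sig"])

def fetch_catalog(local_version, site, peers):
    """Steps 1-2: compare versions, try LAN peers first, then the Internet site.

    Returns (catalog, source); source is "current", "peer:<name>" or "site".
    """
    if site["version"] == local_version:
        return None, "current"              # same version: the process stops
    for name, copy in peers.items():
        # A peer copy is used only if it is the advertised version and verifies.
        if copy and copy["version"] == site["version"] and verified(copy):
            return copy, f"peer:{name}"
    if not verified(site):
        raise ValueError("catalog from update site failed verification")
    return site, "site"

def demo():
    site = make_catalog(42, b"dat=5921;engine=5.3")       # constructed values
    tampered = dict(site, body=b"dat=0001;engine=0.0")    # body changed, old sig
    peers = {"pc-a": None, "pc-b": tampered,
             "pc-c": make_catalog(42, site["body"])}
    return [
        fetch_catalog(42, site, peers)[1],                # already up to date
        fetch_catalog(41, site, peers)[1],                # pc-b rejected, pc-c used
        fetch_catalog(41, site, {"pc-b": tampered})[1],   # no good peer: use site
    ]

if __name__ == "__main__":
    print(demo())
```

The same verify-before-use check applies in step 3, when the components themselves are retrieved from peers.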


4.5 specifications

SonicWALL 4.5 is a robust network security solution designed to address the evolving challenges in threat protection and data security. This release brings a suite of advanced features, cutting-edge technologies, and characteristics tailored to enhance system performance and resilience against cyber threats.

One of the highlight features of SonicWALL 4.5 is its Integrated Intrusion Prevention System (IPS). This system provides real-time threat detection and response by monitoring network traffic for potential vulnerabilities and malicious activities. With continuously updated signature-based detection, it ensures that organizations are protected against the latest exploits and attack vectors.

Another key component is the Next-Generation Firewall (NGFW) capabilities, which combine traditional firewall functions with advanced features such as application awareness, user identity control, and content filtering. The NGFW allows organizations to enforce detailed policies based on user roles, thereby enhancing the security posture while maintaining user productivity.

SonicWALL 4.5 also incorporates advanced malware protection through its Capture Advanced Threat Protection (ATP) service. This multi-engine sandboxing technology analyzes suspicious files and URLs in a secure environment, providing organizations with in-depth insights into potential threats before they reach the network.

Furthermore, the solution includes enhancements to Secure Mobile Access, enabling secure remote connections while ensuring that sensitive data remains protected. With features like SSL VPN, SonicWALL 4.5 allows users to securely access private networks from anywhere while maintaining compliance with data protection regulations.

In terms of management, SonicWALL 4.5 introduces an intuitive interface for centralized management, enabling IT administrators to configure and monitor multiple devices effortlessly. The reporting and logging capabilities are enhanced, providing detailed insights into network activity, which is crucial for compliance and forensic analysis.

SonicWALL 4.5 also prioritizes user experience and performance with its optimized hardware, ensuring faster processing speeds and reduced latency. Features like high availability and load balancing further enhance system reliability.

In summary, SonicWALL 4.5 stands out with its integrated IPS, NGFW capabilities, advanced malware protection through Capture ATP, secure mobile access, intuitive management interface, and optimized performance. This comprehensive suite of features positions SonicWALL 4.5 as a formidable player in the realm of network security, making it an appealing choice for organizations seeking robust protection against an ever-evolving threat landscape.